CN109600161B - Secure independent managed payload operation - Google Patents

Secure independent managed payload operation Download PDF

Info

Publication number
CN109600161B
CN109600161B CN201811128545.5A CN201811128545A CN109600161B CN 109600161 B CN109600161 B CN 109600161B CN 201811128545 A CN201811128545 A CN 201811128545A CN 109600161 B CN109600161 B CN 109600161B
Authority
CN
China
Prior art keywords
host
payload
managed
encrypted
antenna
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811128545.5A
Other languages
Chinese (zh)
Other versions
CN109600161A (en
Inventor
Y-F·J·陈
R·J·温格
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Boeing Co
Original Assignee
Boeing Co
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US15/724,091 external-priority patent/US11201707B2/en
Application filed by Boeing Co filed Critical Boeing Co
Publication of CN109600161A publication Critical patent/CN109600161A/en
Application granted granted Critical
Publication of CN109600161B publication Critical patent/CN109600161B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B7/00Radio transmission systems, i.e. using radiation field
    • H04B7/14Relay systems
    • H04B7/15Active relay systems
    • H04B7/185Space-based or airborne stations; Stations for satellite systems
    • H04B7/1851Systems using a satellite or space-based relay
    • H04B7/18515Transmission equipment in satellites or space-based relays
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B7/00Radio transmission systems, i.e. using radiation field
    • H04B7/14Relay systems
    • H04B7/15Active relay systems
    • H04B7/185Space-based or airborne stations; Stations for satellite systems
    • H04B7/1851Systems using a satellite or space-based relay
    • H04B7/18519Operations control, administration or maintenance
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B7/00Radio transmission systems, i.e. using radiation field
    • H04B7/14Relay systems
    • H04B7/15Active relay systems
    • H04B7/185Space-based or airborne stations; Stations for satellite systems
    • H04B7/1851Systems using a satellite or space-based relay
    • H04B7/18517Transmission equipment in earth stations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B7/00Radio transmission systems, i.e. using radiation field
    • H04B7/14Relay systems
    • H04B7/15Active relay systems
    • H04B7/185Space-based or airborne stations; Stations for satellite systems
    • H04B7/18578Satellite systems for providing broadband data service to individual earth stations
    • H04B7/18593Arrangements for preventing unauthorised access or for providing user protection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05DSYSTEMS FOR CONTROLLING OR REGULATING NON-ELECTRIC VARIABLES
    • G05D1/00Control of position, course, altitude or attitude of land, water, air or space vehicles, e.g. using automatic pilots
    • G05D1/0011Control of position, course, altitude or attitude of land, water, air or space vehicles, e.g. using automatic pilots associated with a remote control arrangement
    • G05D1/0022Control of position, course, altitude or attitude of land, water, air or space vehicles, e.g. using automatic pilots associated with a remote control arrangement characterised by the communication link

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Astronomy & Astrophysics (AREA)
  • Aviation & Aerospace Engineering (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Radio Relay Systems (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Selective Calling Equipment (AREA)
  • Telephonic Communication Services (AREA)
  • Laminated Bodies (AREA)

Abstract

Secure independent managed payload operations are disclosed. Systems, methods, and apparatus for secure independent managed payload operations are disclosed. In one or more embodiments, the disclosed method for payload operation includes receiving, by a command receiver on a vehicle, a host command from a host Satellite Operation Center (SOC). The method also includes commanding the managed payload to turn on or off in accordance with the host command. Further, the method includes reconfiguring the host payload according to the host command. In addition, the method includes sending the host user data to the host user antenna through the host payload antenna. Additionally, the method includes receiving, by a managed payload antenna on the vehicle, a managed command from a managed payload (HoP) operations center (HOC). Further, the method includes reconfiguring the managed payload according to the managed command. Further, the method includes sending, by the managed payload antenna, the managed user data to the managed user antenna.

Description

Secure independent managed payload operation
Technical Field
The present disclosure relates to payload operations. In particular, the present disclosure relates to secure independent managed (hosted) payload operations.
Background
Currently, typical payload operations for a vehicle (e.g., a satellite) have the ability to perform input-to-output switching of the payload on the vehicle. All these handovers on the payload are commanded and controlled by a single satellite controller without resource allocation privacy.
Therefore, there is a need for an improved payload operation design that allows for privacy in the allocation of resources on the payload.
Disclosure of Invention
The present disclosure relates to methods, systems, and apparatus for secure independent managed payload operations. In one or more embodiments, a method for payload operations includes sending an encrypted host command through a host (host) Satellite Operations Center (SOC), wherein the encrypted host command is encrypted with a host communication security (COMSEC) variant (variance). The method also includes receiving, by a command receiver on the vehicle, the encrypted host command. Further, the method includes decrypting, by the host communication security module, the encrypted host command by utilizing a host COMSEC variant to produce an unencrypted host command. Further, the method includes commanding the managed payload to turn on or off in accordance with the unencrypted host command. Additionally, the method includes reconfiguring the host payload according to the unencrypted host command. Further, the method includes transmitting, by the host payload antenna, the host user data to the host user antenna. Additionally, the method includes encrypting, by the host communication security module, unencrypted host payload telemetry by utilizing the host COMSEC variant to produce encrypted host payload telemetry. Additionally, the method includes transmitting, by the telemetry transmitter, encrypted host payload telemetry. Further, the method includes decrypting, by the host SOC, the host payload telemetry by utilizing the host COMSEC variant to produce unencrypted host payload telemetry. Further, the method includes encrypting, by a managed payload (HoP) operations center (HOC), the unencrypted managed command by utilizing a managed COMSEC variant to produce an encrypted managed command.
Further, the method includes sending, by a managed payload (HoP) operations center (HOC), the encrypted managed command, wherein the encrypted managed command is encrypted with a managed COMSEC variant. Additionally, the method includes receiving, by a managed payload antenna on the carrier, the encrypted managed command. Additionally, the method includes decrypting, by the managed communications security module on the managed payload, the encrypted managed command by utilizing the managed COMSEC variant to produce an unencrypted managed command. Further, the method includes reconfiguring, by a managed processor on the managed payload, the managed payload according to the unencrypted managed command. In addition, the method includes sending, by the managed payload antenna, the managed user data to the managed user antenna. Additionally, the method includes encrypting, by the managed communications security module, unencrypted managed payload telemetry by utilizing the managed COMSEC variant to produce encrypted managed payload telemetry. Further, the method includes transmitting the encrypted managed telemetry through a managed payload antenna. Further, the method includes decrypting, by the HOC, the encrypted managed telemetry by utilizing a managed COMSEC variant to produce unencrypted managed telemetry.
In one or more embodiments, the managed processor includes the managed communication security module as a single unit. In some embodiments, the managed communications security module and the managed processor are two separate units.
In at least one embodiment, the managed processor comprises at least one processor. In some embodiments, the host payload includes at least one processor.
In one or more embodiments, the host communication security module includes more than one communication security module. In some embodiments, at least one of the communication security modules is a redundant communication security module.
In at least one embodiment, the hosted communication security module includes more than one communication security module. In some embodiments, at least one of the communication security modules is a redundant communication security module.
In one or more embodiments, the host payload antenna and the host payload antenna each include at least one Radio Frequency (RF) antenna. In at least one embodiment, the RF antenna is a reflector antenna. In some embodiments, the RF antenna is a multi-feed array antenna.
In at least one embodiment, the reconfiguration of the host payload and/or the managed payload includes adjusting at least one of: transponder (transponder) power, transponder spectrum monitoring, transponder connection, transponder gain setting, transponder limiter setting, transponder automatic level control setting, transponder phase setting, internal gain generation, bandwidth of at least one beam, at least one frequency band of at least one of the at least one beam, transponder beamforming setting, Effective Isotropic Radiated Power (EIRP) of at least one of the at least one beam, transponder channel, or beam steering.
In one or more embodiments, the reconfiguration of the host payload includes reconfiguring at least one of: a host payload antenna, at least one analog-to-digital converter, at least one digital-to-analog converter, at least one beamformer, at least one digital channelizer (channelizer), at least one demodulator, at least one modulator, at least one digital switch matrix, at least one digital combiner, or at least one analog switch matrix.
In at least one embodiment, the reconfiguration of the managed payload includes reconfiguring at least one of: a managed payload antenna, at least one analog-to-digital converter, at least one digital-to-analog converter, at least one beamformer, at least one digital channelizer, at least one demodulator, at least one modulator, at least one digital switching matrix, at least one digital combiner, or at least one analog switching matrix.
In one or more embodiments, the vehicle is an air vehicle. In at least one embodiment, the air vehicle is a satellite, an aircraft, an Unmanned Aerial Vehicle (UAV), or a space vehicle.
In at least one embodiment, a method for payload operations includes sending an encrypted host command through a host Satellite Operations Center (SOC), wherein the encrypted host command is encrypted with a host communication security (COMSEC) variant. The method also includes receiving, by a command receiver on the vehicle, the encrypted host command. Further, the method includes decrypting, by the host communication security module, the encrypted host command by utilizing the host COMSEC variant to produce an unencrypted host command. Further, the method includes commanding the managed payload to turn on or off in accordance with the unencrypted host command. Additionally, the method includes reconfiguring the host payload in accordance with the unencrypted host command. Further, the method includes transmitting, by the host payload antenna, the host user data to the host user antenna. In addition, the method includes receiving host user data via a host user antenna. Additionally, the method includes encrypting, by the host communication security module, unencrypted host payload telemetry by utilizing the host COMSEC variant to produce encrypted host payload telemetry. Further, the method includes sending encrypted host payload telemetry through the host payload antenna. Additionally, the method includes decrypting, by the host SOC, the host payload telemetry by utilizing the host COMSEC variant to produce unencrypted host payload telemetry.
Further, the method includes sending, by a managed payload (HoP) operations center (HOC), the encrypted managed command, wherein the encrypted managed command is encrypted with a managed COMSEC variant. In addition, the method includes receiving, by a managed payload antenna on the carrier, the encrypted managed command. Additionally, the method includes decrypting, by the managed communications security module on the managed payload, the encrypted managed command by utilizing the managed COMSEC variant to produce an unencrypted managed command. Further, the method includes reconfiguring, by the escrow processor on the escrow payload, the escrow payload according to the unencrypted escrow command. In addition, the method includes sending, by the managed payload antenna, the managed user data to the managed user antenna. The method also includes encrypting, by the escrow communication security module, unencrypted escrow payload telemetry using the escrow COMSEC variant to produce encrypted escrow payload telemetry. Additionally, the method includes sending encrypted managed telemetry through a managed payload antenna. Further, the method includes decrypting, by the HOC, the encrypted managed telemetry by utilizing a managed COMSEC variant to produce unencrypted managed telemetry.
In one or more embodiments, a method for payload operations includes sending an encrypted host command through a host Satellite Operation Center (SOC), wherein the encrypted host command is encrypted with a host communication security (COMSEC) variant. The method also includes receiving, by a host payload antenna on the vehicle, the encrypted host command. Further, the method includes decrypting, by the host communication security module, the encrypted host command by utilizing the host COMSEC variant to produce an unencrypted host command. Further, the method includes commanding the managed payload to turn on or off in accordance with the unencrypted host command. Additionally, the method includes reconfiguring the host payload in accordance with the unencrypted host command. Further, the method includes transmitting, by the host payload antenna, the host user data to the host user antenna. Additionally, the method includes encrypting, by the host communication security module, unencrypted host payload telemetry by utilizing the host COMSEC variant to produce encrypted host payload telemetry. In addition, the method includes transmitting encrypted host payload telemetry via a telemetry transmitter. Additionally, the method includes decrypting, by the host SOC, the host payload telemetry by utilizing the host COMSEC variant to produce unencrypted host payload telemetry.
Further, the method includes sending, by a managed payload (HoP) operations center (HOC), the encrypted managed command, wherein the encrypted managed command is encrypted with a managed COMSEC variant. In addition, the method includes receiving, by a managed payload antenna on the carrier, the encrypted managed command. Additionally, the method includes decrypting, by the managed communications security module on the managed payload, the encrypted managed command by utilizing the managed COMSEC variant to produce an unencrypted managed command. Further, the method includes reconfiguring, by the escrow processor on the escrow payload, the escrow payload according to the unencrypted escrow command. In addition, the method includes sending, by the managed payload antenna, the managed user data to the managed user antenna. Additionally, the method includes encrypting, by the managed communications security module, the unencrypted managed payload telemetry to produce encrypted managed payload telemetry. Further, the method includes sending encrypted managed telemetry through a managed payload antenna. Further, the method includes decrypting, by the HOC, the encrypted managed telemetry by utilizing a managed COMSEC variant to produce unencrypted managed telemetry.
In at least one embodiment, a method for payload operations includes sending an encrypted host command through a host Satellite Operations Center (SOC), wherein the encrypted host command is encrypted with a host communication security (COMSEC) variant. Further, the method includes receiving, by a host payload antenna on the vehicle, the encrypted host command. Additionally, the method includes decrypting, by the host communication security module, the encrypted host command by utilizing the host COMSEC variant to produce an unencrypted host command. Further, the method includes commanding the managed payload to turn on or off in accordance with the unencrypted host command. Further, the method includes reconfiguring the host payload in accordance with the unencrypted host command. Additionally, the method includes sending the host user data to the host user antenna through the host payload antenna. Further, the method includes encrypting, by the host communication security module, unencrypted host payload telemetry using the host COMSEC variant to produce encrypted host payload telemetry. Additionally, the method includes sending encrypted host payload telemetry through the host payload antenna. Further, the method includes decrypting, by the host SOC, the host payload telemetry by utilizing the host COMSEC variant to produce unencrypted host payload telemetry.
Further, the method includes sending, by a managed payload (HoP) operations center (HOC), the encrypted managed command, wherein the encrypted managed command is encrypted with a managed COMSEC variant. Further, the method includes receiving, by a managed payload antenna on the carrier, the encrypted managed command. Further, the method includes decrypting, by the managed communications security module on the managed payload, the encrypted managed command by utilizing the managed COMSEC variant to produce an unencrypted managed command. Additionally, the method includes reconfiguring, by the escrow processor on the escrow payload, the escrow payload according to the unencrypted escrow command. Further, the method includes sending, by the managed payload antenna, the managed user data to the managed user antenna. Further, the method includes encrypting, by the escrow communication security module, the unencrypted escrow payload telemetry to produce encrypted escrow payload telemetry. Additionally, the method includes sending encrypted managed telemetry through a managed payload antenna. Further, the method includes decrypting, by the HOC, the encrypted managed telemetry by utilizing a managed COMSEC variant to produce unencrypted managed telemetry.
The features, functions, and advantages can be achieved independently in various embodiments of the present disclosure or may be combined in yet other embodiments.
Drawings
These and other features, aspects, and advantages of the present disclosure will become better understood with regard to the following description, appended claims, and accompanying drawings where:
fig. 1 is a schematic diagram illustrating the disclosed system for secure standalone hosted payload operation, where both host commands and host telemetry are sent out-of-band, in accordance with at least one embodiment of the present disclosure.
Fig. 2A, 2B, 2C, 2D, 2E, and 2F together illustrate a flow diagram of the disclosed method for secure independent managed payload operation, where both host commands and host telemetry are sent out-of-band, in accordance with at least one embodiment of the present disclosure.
Fig. 3 is a schematic diagram illustrating the disclosed system for secure standalone hosted payload operation, where host commands are sent out-of-band and host telemetry is sent in-band, in accordance with at least one embodiment of the present disclosure.
Fig. 4A, 4B, 4C, 4D, 4E, and 4F together illustrate a flow diagram of the disclosed method for secure standalone hosted payload operation, where host commands are sent out-of-band and host telemetry is sent in-band, in accordance with at least one embodiment of the present disclosure.
Fig. 5 is a schematic diagram illustrating the disclosed system for secure standalone hosted payload operation, where host commands are sent in-band and host telemetry is sent out-of-band, in accordance with at least one embodiment of the present disclosure.
Fig. 6A, 6B, 6C, 6D, 6E, and 6F together illustrate a flow diagram of the disclosed method for secure standalone hosted payload operation, where host commands are sent in-band and host telemetry is sent out-of-band, in accordance with at least one embodiment of the present disclosure.
Fig. 7 is a schematic diagram illustrating the disclosed system for secure standalone hosted payload operation, where both host commands and host telemetry are sent in-band, in accordance with at least one embodiment of the present disclosure.
Fig. 8A, 8B, 8C, 8D, 8E, and 8F together illustrate a flow diagram of the disclosed method for secure independent managed payload operation, where both host commands and host telemetry are sent in-band, in accordance with at least one embodiment of the present disclosure.
Detailed Description
The methods and apparatus disclosed herein provide an operating system for secure independent managed payload operations. The system of the present disclosure allows vehicle operators to share vehicle resources privately.
As previously described above, currently, typical payload operations for a vehicle (e.g., a satellite) have the ability to perform input-to-output switching of the payload on the vehicle. All these handovers on the payload are commanded and controlled by a single satellite controller without resource allocation privacy.
The disclosed system allows private carrier resource allocation and control that provides the carrier user the ability to privately and dynamically allocate resources (e.g., host payloads and/or managed payloads) as needed.
It should be noted that the host payload and/or managed payload of the disclosed system for private carrier resource allocation and control may employ a variety of different types of forwarders. For example, a variety of different types of transponders may be employed, including, but not limited to, a variety of different types of digital transponders, a variety of different types of analog transponders (e.g., conventional repeater-type transponders), and a variety of different types of analog/digital transponder combinations.
It should be noted that in this disclosure, in-band(s) refer to the same band(s) as the band(s) used to transmit payload data (e.g., host payload data and/or host payload data); and the out-of-band frequency band(s) refers to frequency band(s) different from the frequency band(s) used to transmit payload data (e.g., host payload data).
In the following description, numerous details are set forth in order to provide a more thorough description of the system. However, it will be apparent to one skilled in the art that the disclosed system may be practiced without these specific details. In other instances, well known features have not been described in detail so as not to unnecessarily obscure the system.
Embodiments of the present disclosure may be described in terms of functional and/or logical components and various processing steps. It should be appreciated that these components may be realized by any number of hardware, software, and/or firmware components configured to perform the specified functions. For example, embodiments of the present disclosure may employ various integrated circuit components (e.g., memory elements, digital signal processing elements, logic elements, look-up tables, or the like), which may carry out a variety of functions under the control of one or more processors, microprocessors, or other control devices. In addition, those skilled in the art will appreciate that embodiments of the present disclosure may be practiced in conjunction with other components, and that the system described herein is merely one example embodiment of the disclosure.
For the sake of brevity, conventional techniques and components related to satellite communication systems, as well as other functional aspects of the systems (and the individual operating components of the systems) may not be described in detail herein. Furthermore, the connecting lines shown in the various figures contained herein are intended to represent example functional relationships and/or physical couplings between the various elements. It should be noted that many alternative or additional functional relationships or physical connections may be present in an embodiment of the disclosure.
Fig. 1 is a schematic diagram 100 illustrating the disclosed system for secure standalone hosted payload operation, where both host commands and host telemetry are sent out-of-band, in accordance with at least one embodiment of the present disclosure. In this figure, a vehicle 110, a host Satellite Operation Center (SOC)150, and a managed payload (HoP) operation center (HOC)160 are shown. Various different types of carriers may be employed for the carriers 110, including but not limited to air carriers. Also, a variety of different types of air vehicles may be employed for the vehicles, including, but not limited to, satellites, aircraft, Unmanned Aerial Vehicles (UAVs), and space vehicles.
Where satellites are employed for the vehicle 100, it should be noted that satellites typically include computer controlled systems. The satellite typically includes a bus and a payload (e.g., host payload 106 and/or host payload(s) 105). The bus may include a system (which includes components) that controls the satellites. These systems perform tasks such as power generation and control, thermal control, telemetry, attitude control, orbit control, and other suitable operations.
The payload of the satellite provides functionality for the user of the satellite. The payload may include an antenna, a transponder, and other suitable devices. For example, with respect to communications, payloads in satellites may be used to provide internet access, telephone communications, radio, television, and/or other types of communications. It should be noted that in one or more embodiments, the satellite (i.e., vehicle 110) includes multiple separate payloads, which are host payload 106 and managed payload(s) 105. Different entities may use different payloads on the satellite. For example, a host user (e.g., an owner of a satellite) may utilize host payload 106, and the host user may lease managed payload 105 to a managed user (e.g., a customer) utilizing managed payload 105.
Leasing the payload(s) (e.g., the hosted payload (s)) to the customer(s) may increase revenue that a user of the satellite (e.g., a host user) may obtain. Further, the customer may use a subset of the total resources in the satellite at a cost less than the cost of the customer to purchase and operate the satellite, build and operate the satellite, or lease the entire satellite.
During operation, the host SOC 150 encrypts unencrypted host commands (i.e., unencrypted SOC commands) by utilizing a host communication security (COMSEC) variant to produce encrypted host commands (i.e., encrypted SOC commands). The host commands are commands for configuring the host payload 106 utilized by the host SOC 150. It should be noted that the host COMSEC variant may include at least one encryption key and/or at least one algorithm (e.g., a type 1 encryption algorithm or a type 2 encryption algorithm).
The host SOC 150 then sends 115 the encrypted host commands to the host ground antenna 116. The host ground antenna 116 then sends 120 the encrypted host command to the command antenna 121 on the vehicle 110. The host terrestrial antenna 116 transmits 120 the encrypted host commands using the out-of-band frequency band(s) (i.e., frequency band(s) different from the frequency band(s) used to transmit the payload data). The command antenna 121 on the carrier 110 then sends 122 the encrypted host command to the command receiver 135.
The command receiver 135 then sends 152 the encrypted host command to the host communication security module 162. The host communication security module 162 decrypts the encrypted host command using the host COMSEC variant to generate an unencrypted host command.
It should be noted that the host communication security module 162 may include one or more communication security modules (e.g., communication security module 1 and communication security module 2, where communication security module 2 is a redundant communication security module utilized in the presence of a failure of communication security module 1), where the additional communication security module is a redundant communication security module utilized in the presence of a failure of communication security module. Further, the host communication security module 162 may include one or more processors.
The host communication security module 162 then sends 170 the unencrypted host command to the host payload 106. Host payload 106 is reconfigured according to unencrypted host commands. The reconfiguration of the host payload 106 may include adjusting at least one of: repeater power, repeater spectrum monitoring, repeater connection, repeater gain setting, repeater limiter setting, repeater automatic level control setting, repeater phase setting, internal gain generation, bandwidth of at least one beam, at least one frequency band of at least one of the at least one beam, repeater beamforming setting, Effective Isotropic Radiated Power (EIRP) of at least one of the at least one beam, repeater channel, or beam steering. Additionally, the reconfiguration of host payload 106 may include reconfiguring at least one of: a host payload antenna, at least one analog-to-digital converter, at least one digital-to-analog converter, at least one beamformer, at least one digital channelizer, at least one demodulator, at least one modulator, at least one digital switch matrix, at least one digital combiner, or at least one analog switch matrix. In one or more embodiments, the host payload includes 106 one or more processors.
After reconfiguring the host payload 106, the host payload antenna 107 then transmits the host user data (e.g., in one or more antenna beams 108) to the host user antenna 185 on the ground. It should be noted that in other embodiments, the host user antenna 185 may be airborne (e.g., located on an aircraft or satellite) or offshore (e.g., located on a ship) rather than on land (e.g., located on the ground) as shown in FIG. 1. Host communication security module 162 then sends 171 an unencrypted host command to escrow payload 105 to command escrow payload 105 to turn on or off in accordance with the unencrypted host command.
Further, it should be noted that although in fig. 1, the antenna beam 108 is shown as comprising a single circular spot beam; in other embodiments, however, antenna beam 108 may include more than one beam as shown in fig. 1 (e.g., antenna beam 108 may include multiple beams and antenna beam 108 may include a beam that is different in shape than the circular spot beam shown in fig. 1 (e.g., antenna beam 108 may include an elliptical beam and/or a shaped beam of various different shapes).
It should be noted that in one or more embodiments, host payload antenna 107 may include one or more dish reflectors, including but not limited to parabolic reflectors and/or shaped reflectors. In some embodiments, host payload antenna 107 may include one or more multi-feed antenna arrays.
Host payload 106 sends 109 unencrypted host telemetry (i.e., unencrypted SOC telemetry, which is telemetry data related to host payload 106 utilized by host SOC 150) to host communication security module 162. Host communication security module 162 then encrypts the unencrypted host telemetry using the host COMSEC variant to generate encrypted host telemetry (i.e., encrypted SOC telemetry).
The host communication security module 162 then transmits 193 the encrypted host telemetry to a telemetry transmitter 194. Telemetry transmitter 194 then transmits 195 the encrypted host telemetry to telemetry antenna 196. The telemetry antenna 196 then sends 197 the encrypted host telemetry to the host surface antenna 116. The telemetry antenna 196 transmits 197 the encrypted host telemetry using the out-of-band(s). The host surface antenna 116 sends 198 the encrypted host telemetry to the host SOC 150. Host SOC 150 then decrypts the encrypted host telemetry using the host COMSEC variant to generate unencrypted host telemetry.
The HOC 160 encrypts the unencrypted escrow command (i.e., unencrypted HOC command) by utilizing a escrow communication security (COMSEC) variant to produce an encrypted escrow command (i.e., encrypted HOC command). A escrow command is a command to configure escrow payload 105 utilized by HOC 160. It should be noted that the escrow COMSEC variant can include at least one encryption key and/or at least one algorithm (e.g., a type 1 encryption algorithm or a type 2 encryption algorithm).
HOC 160 then sends 126 the encrypted escrow command to escrow gateway antenna 127. Escrow gateway antenna 127 then sends 125 the encrypted escrow command to escrow payload antenna 180 on carrier 110. The escrow gateway antenna 127 transmits 125 the encrypted escrow command using the in-band(s), i.e., the same band(s) as used to transmit the payload data. Managed payload antenna 180 on carrier 110 then sends 182 the encrypted managed command to processor 183 on managed payload 105. In one or more embodiments, managed processor 183 comprises one or more processors. Escrow processor 183 sends 184 the encrypted escrow command to escrow communication security module 165. The managed communication security module 165 decrypts the encrypted managed command using the managed COMSEC variant to generate an unencrypted managed command.
It should be noted that the hosting communication security module 165 may include one or more communication security modules (e.g., the communication security module 3 and the communication security module 4, where the communication security module 4 is a redundant communication security module utilized in the presence of a failure of the communication security module 3), where the additional communication security module is a redundant communication security module utilized in the presence of a failure of the communication security module. Further, the managed communication security module 165 may include one or more processors. In some embodiments, managed communication security module 165 and managed processor 183 are separate units, as shown in fig. 1. In other embodiments, managed communication security module 165 and managed processor 183 are a single unit.
Escrow communication security module 165 then sends 186 the unencrypted escrow command to escrow processor 183. Escrow payload 105 is reconfigured by escrow processor 183 according to the unencrypted escrow command. The reconfiguration of managed payload 105 may include adjusting at least one of: repeater power, repeater spectrum monitoring, repeater connection, repeater gain setting, repeater limiter setting, repeater automatic level control setting, repeater phase setting, internal gain generation, bandwidth of at least one beam, frequency band of at least one of the at least one beam, repeater beamforming setting, Effective Isotropic Radiated Power (EIRP) of at least one of the at least one beam, repeater channel, or beam steering. Additionally, reconfiguration of managed payload 105 may include reconfiguration of at least one of: a host payload antenna, at least one analog-to-digital converter, at least one digital-to-analog converter, at least one beamformer, at least one digital channelizer, at least one demodulator, at least one modulator, at least one digital switch matrix, at least one digital combiner, or at least one analog switch matrix. After reconfiguration of managed payload 105, managed payload antenna 180 then transmits the managed user data (e.g., in one or more antenna beams 181) to managed user antenna 190 on the ground. It should be noted that in other embodiments, the hosted user antenna 190 may be airborne (e.g., located on an aircraft or satellite) or offshore (e.g., located on a ship) rather than on land (e.g., located on the ground) as shown in fig. 1.
Further, it should be noted that although in fig. 1, the antenna beam 181 is shown as comprising a single circular spot beam; in other embodiments, however, antenna beam 181 may include more than one beam as shown in fig. 1 (e.g., antenna beam 181 may include multiple beams and antenna beam 181 may include a beam that is different in shape than a circular spot beam as shown in fig. 1 (e.g., antenna beam 181 may include an elliptical beam and/or a shaped beam of various different shapes).
It should be noted that in one or more embodiments, managed payload antenna 180 may include one or more dish reflectors, including but not limited to parabolic and/or shaped reflectors. In some embodiments, host payload antenna 180 may include one or more multi-feed antenna arrays.
Escrow processor 183 sends 187 unencrypted escrow telemetry (i.e., unencrypted HOC telemetry, which is telemetry data related to escrow payload 105 utilized by HOC 160) to escrow communication security module 165. Escrow communication security module 165 then encrypts unencrypted escrow telemetry using the escrow COMSEC variant to generate encrypted escrow telemetry (i.e., encrypted HOC telemetry).
Escrow communication security module 165 then sends 188 the encrypted escrow telemetry to escrow processor 183. Escrow processor 183 then sends 189 the encrypted escrow telemetry to escrow payload antenna 180. The escrow payload antenna 180 then sends 191 the encrypted escrow telemetry to escrow gateway antenna 127. The managed payload antenna 180 transmits 191 encrypted managed telemetry using the in-band(s). Escrow gateway antenna 127 sends 192 encrypted escrow telemetry to HOC 160. The HOC 160 then decrypts the encrypted hosted telemetry using a hosted COMSEC variant to generate unencrypted hosted telemetry.
Fig. 2A, 2B, 2C, 2D, 2E, and 2F together illustrate a flow diagram of the disclosed method for secure standalone hosted payload operation, where both host commands and host telemetry are sent out-of-band, in accordance with at least one embodiment of the present disclosure. At the start 200 of the method, a host Satellite Operations Center (SOC) encrypts an unencrypted host command by utilizing a host communication security (COMSEC) variant to produce an encrypted host command 202. The host SOC then sends the encrypted host commands to the host ground antenna 204. The encrypted host commands are then received by the host terrestrial antenna 206. The host ground antenna then sends the encrypted host commands to the command antenna 208 on the vehicle. The command antenna then receives the encrypted host command 210. The command antenna then sends the encrypted host command to the command receiver 212. The command receiver then receives the encrypted host command 214. The command receiver then sends the encrypted host command to the host communication security module 216.
The host communication security module then receives the encrypted host command 218. The host communication security module then decrypts the encrypted host command by utilizing the host COMSEC variant to produce an unencrypted host command 220. The host communication security module then sends the unencrypted host command to the host payload and the managed payload 222. The managed payload is then commanded to open or close 224 according to the unencrypted host command. The host payload then receives unencrypted host commands 226. The host payload is then reconfigured 228 according to the unencrypted host command. The host payload antenna then sends the host user data to the host user antenna 230. The host user antenna then receives host user data 232. The host payload then telemeters the unencrypted host payload to the host communication security module 234.
The host communication security module then receives unencrypted host payload telemetry 236. The host communication security module then encrypts unencrypted host payload telemetry by utilizing the host COMSEC variant to produce encrypted host payload telemetry 238. The host communication security module then telemeters the encrypted host payload to telemetry transmitter 240. The telemetry transmitter then receives encrypted host payload telemetry 242. The telemetry transmitter then telemeters the encrypted host payload to a telemetry antenna 244. The telemetry antenna then telemeters the encrypted host payload to the host surface antenna 246. The encrypted host payload telemetry 248 is then received by the host surface antenna. The host surface antenna then telemeters the encrypted host payload to the host SOC 250. The host SOC then decrypts the host payload telemetry by utilizing the host COMSEC variant to produce unencrypted host payload telemetry 252.
The managed payload (HoP) operations center (HOC) encrypts the unencrypted managed command by utilizing the managed COMSEC variant to produce the encrypted managed command 254. The HOC then sends the encrypted escrow command to escrow gateway antenna 256. The escrow gateway antenna then receives encrypted escrow command 258. The escrow gateway antenna then sends the encrypted escrow command to escrow payload antenna 260 on the carrier. The escrow payload antenna then receives encrypted escrow command 262. The escrow payload antenna then sends the encrypted escrow command to the escrow processor 264 on the escrow payload. The escrow processor then receives an encrypted escrow command 266. The escrow processor then sends the encrypted escrow command to escrow communication security module 268.
The escrow communication security module then receives the encrypted escrow command 270. The escrow communication security module then decrypts the encrypted escrow command by utilizing the escrow COMSEC variant to produce unencrypted escrow command 272. The escrow communication security module then sends the unencrypted escrow command to escrow processor 274. The escrow processor then receives an unencrypted escrow command 276. The escrow processor then reconfigures the escrow payload 278 in accordance with the unencrypted escrow command. The managed payload antenna then sends the managed user data to the managed user antenna 280. The managed user antenna then receives managed user data 282. The escrow processor then telemeters the unencrypted escrow payload to escrow communication security module 284.
The managed communication security module then receives unencrypted managed payload telemetry 286. The managed communication security module then encrypts the unencrypted managed payload telemetry by utilizing the managed COMSEC variant to produce encrypted managed payload telemetry 288. The escrow communication security module then telemeters the encrypted escrow payload to escrow processor 290. The escrow processor then receives encrypted escrow telemetry 291. The escrow processor then sends encrypted escrow telemetry to escrow payload antenna 292. The escrow payload antenna then receives encrypted escrow telemetry 293. The escrow payload antenna then sends the encrypted escrow telemetry to escrow gateway antenna 294. The escrow gateway antenna then receives encrypted escrow telemetry 295. The escrow gateway antenna then sends the encrypted escrow telemetry to the HOC 296. The HOC then receives encrypted escrow telemetry 297. The HOC then decrypts the encrypted escrow telemetry by utilizing the escrow COMSEC variant to produce unencrypted escrow telemetry 298. The method then ends 299.
Fig. 3 is a schematic diagram 300 illustrating the disclosed system for secure standalone hosted payload operation, where host commands are sent out-of-band and host telemetry is sent in-band, in accordance with at least one embodiment of the present disclosure. In this figure, a vehicle 310, a host Satellite Operation Center (SOC)350, and a managed payload (HoP) operation center (HOC)360 are shown. Various different types of carriers may be employed for the carriers 310, including but not limited to air carriers. Also, a variety of different types of air vehicles may be employed for the vehicles, including, but not limited to, satellites, aircraft, Unmanned Aerial Vehicles (UAVs), and space vehicles.
Where satellites are employed for the vehicles 310, it should be noted that satellites typically include computer controlled systems. The satellite typically includes a bus and a payload (e.g., host payload 306 and/or managed payload(s) 305). The bus may include a system (which includes components) that controls the satellites. These systems perform tasks such as power generation and control, thermal control, telemetry, attitude control, orbit control, and other suitable operations.
The payload of the satellite provides functionality for the user of the satellite. The payload may include an antenna, a transponder, and other suitable devices. For example, with respect to communications, payloads in satellites may be used to provide internet access, telephone communications, radio, television, and/or other types of communications. It should be noted that in one or more embodiments, the satellite (i.e., vehicle 310) includes multiple separate payloads, which are host payload 306 and managed payload(s) 305. Different entities may use different payloads on the satellite. For example, a host user (e.g., an owner of a satellite) may utilize host payload 306, and the host user may lease managed payload 305 to a managed user (e.g., a customer) utilizing managed payload 305.
Leasing the payload(s) (e.g., the hosted payload (s)) to the customer(s) may increase revenue that a user of the satellite (e.g., a host user) may obtain. Further, the customer may use a subset of the total resources in the satellite at a cost less than the cost of the customer to purchase and operate the satellite, build and operate the satellite, or lease the entire satellite.
During operation, the host SOC 350 encrypts the unencrypted host command (i.e., the unencrypted SOC command) by utilizing a host communication security (COMSEC) variant to produce an encrypted host command (i.e., the encrypted SOC command). The host commands are commands for configuring the host payload 306 utilized by the host SOC 350. It should be noted that the host COMSEC variant may include at least one encryption key and/or at least one algorithm (e.g., a type 1 encryption algorithm or a type 2 encryption algorithm).
The host SOC 350 then sends 315 the encrypted host command to the host ground antenna 316. The host ground antenna 316 then sends 320 the encrypted host command to the command antenna 321 on the vehicle 310. The host ground antenna 316 transmits 320 the encrypted host command using the out-of-band frequency band(s) (i.e., frequency band(s) different from the frequency band(s) used to transmit the payload data). The command antenna 321 on the carrier 310 then sends 322 the encrypted host command to the command receiver 335.
The command receiver 335 then sends 352 the encrypted host command to the host communication security module 362. The host communication security module 362 decrypts the encrypted host command using the host COMSEC variant to generate an unencrypted host command.
It should be noted that the host communication security module 362 may include one or more communication security modules (e.g., communication security module 1 and communication security module 2, where communication security module 2 is a redundant communication security module utilized in the presence of a failure of communication security module 1), where the additional communication security module is a redundant communication security module utilized in the presence of a failure of communication security module. Further, the host communication security module 362 may include one or more processors.
The host communication security module 362 then sends 370 the unencrypted host command to the host payload 306. The host payload 306 is reconfigured according to the unencrypted host command. The reconfiguration of the host payload 306 may include adjusting at least one of: repeater power, repeater spectrum monitoring, repeater connection, repeater gain setting, repeater limiter setting, repeater automatic level control setting, repeater phase setting, internal gain generation, bandwidth of at least one beam, at least one frequency band of at least one of the at least one beam, repeater beamforming setting, Effective Isotropic Radiated Power (EIRP) of at least one of the at least one beam, repeater channel, or beam steering. Additionally, the reconfiguration of the host payload 306 may include reconfiguring at least one of: a host payload antenna, at least one analog-to-digital converter, at least one digital-to-analog converter, at least one beamformer, at least one digital channelizer, at least one demodulator, at least one modulator, at least one digital switch matrix, at least one digital combiner, or at least one analog switch matrix. In one or more embodiments, the host payload includes 306 one or more processors.
After reconfiguring host payload 306, host payload antenna 307 (e.g., in one or more antenna beams 308) then transmits the host user data to host user antenna 385 on the ground. It should be noted that in other embodiments, the host user antenna 385 may be airborne (e.g., located on an aircraft or satellite) or offshore (e.g., located on a ship) rather than on land (e.g., located on the ground) as shown in fig. 3. Host communication security module 362 then sends 371 unencrypted host commands to escrow payload 305 to command escrow payload 305 to turn on or off in accordance with the unencrypted host commands.
Further, it should be noted that although in fig. 3, antenna beam 308 is shown as comprising a single circular spot beam; in other embodiments, however, antenna beam 308 may include more than one beam as shown in fig. 3 (e.g., antenna beam 308 may include multiple beams and antenna beam 308 may include a beam that is different in shape than a circular spot beam as shown in fig. 3 (e.g., antenna beam 308 may include an elliptical beam and/or a shaped beam of various different shapes).
It should be noted that in one or more embodiments, host payload antenna 307 may include one or more dish reflectors, including but not limited to parabolic reflectors and/or shaped reflectors. In some embodiments, host payload antenna 307 may comprise one or more multi-feed antenna arrays.
Host payload 306 sends 309 unencrypted host telemetry (i.e., unencrypted SOC telemetry, which is telemetry data related to host payload 306 utilized by host SOC 350) to host communication security module 362. Host communication security module 362 then encrypts the unencrypted host telemetry using the host COMSEC variant to generate encrypted host telemetry (i.e., encrypted SOC telemetry).
Host communication security module 362 then sends 393 the encrypted host telemetry to host payload 306. Host payload 306 then sends 322 the encrypted host telemetry to host payload antenna 307. Host payload antenna 307 then sends 397 encrypted host telemetry to SOC ground antenna 317. Host payload antenna 307 transmits 397 encrypted host telemetry using the in-band(s). It should be noted that although in fig. 3, the host SOC 350 is depicted with its SOC ground antenna 317 located alongside its operating building; in other embodiments, however, the host SOC 350 may have its SOC ground antenna 317 located a significant distance from its operating building (e.g., the ground antenna may be located in another country than the operating building). The host SOC 350 then decrypts the encrypted host telemetry using the host COMSEC variant to generate unencrypted host telemetry.
The HOC 360 encrypts the unencrypted escrow command (i.e., unencrypted HOC command) by utilizing a escrow communication security (COMSEC) variant to produce an encrypted escrow command (i.e., encrypted HOC command). The managed command is a command for configuring managed payload 305 utilized by HOC 360. It should be noted that the escrow COMSEC variant can include at least one encryption key and/or at least one algorithm (e.g., a type 1 encryption algorithm or a type 2 encryption algorithm).
HOC 360 then sends 326 the encrypted escrow command to escrow gateway antenna 327. Escrow gateway antenna 327 then sends 325 the encrypted escrow command to escrow payload antenna 380 on carrier 310. The escrow gateway antenna 327 sends 325 the encrypted escrow command using the in-band(s) (i.e., the same band(s) as used to send the payload data). The escrow payload antenna 380 on carrier 310 then sends 382 the encrypted escrow command to the processor 383 on escrow payload 305. In one or more embodiments, managed processor 383 comprises one or more processors. The escrow processor 383 sends 384 the encrypted escrow command to the escrow communication security module 365. The managed communication security module 365 decrypts the encrypted managed command with the managed COMSEC variant to generate an unencrypted managed command.
It should be noted that the hosted communication security module 365 may include one or more communication security modules (e.g., communication security module 3 and communication security module 4, where communication security module 4 is a redundant communication security module that is utilized in the presence of a failure of communication security module 3), where the additional communication security module is a redundant communication security module that is utilized in the presence of a failure of communication security module. Further, the managed communication security module 365 may include one or more processors. In some embodiments, the managed communication security module 365 and the managed processor 383 are separate units, as shown in fig. 3. In other embodiments, the managed communication security module 365 and the managed processor 383 are a single unit.
Escrow communication security module 365 then sends 386 the unencrypted escrow command to escrow processor 383. Escrow payload 305 is reconfigured by escrow processor 383 according to the unencrypted escrow command. The reconfiguration of managed payload 305 may include adjusting at least one of: repeater power, repeater spectrum monitoring, repeater connection, repeater gain setting, repeater limiter setting, repeater automatic level control setting, repeater phase setting, internal gain generation, bandwidth of at least one beam, at least one frequency band of at least one of the at least one beam, repeater beamforming setting, Effective Isotropic Radiated Power (EIRP) of at least one of the at least one beam, repeater channel, or beam steering. Additionally, reconfiguration of managed payload 305 may include reconfiguration of at least one of: a host payload antenna, at least one analog-to-digital converter, at least one digital-to-analog converter, at least one beamformer, at least one digital channelizer, at least one demodulator, at least one modulator, at least one digital switch matrix, at least one digital combiner, or at least one analog switch matrix. After reconfiguring the managed payload 305, the managed payload antenna 380 then sends the managed user data (e.g., in one or more antenna beams 381) to the managed user antenna 390 on the ground. It should be noted that in other embodiments, the hosted user antenna 390 may be airborne (e.g., located on an aircraft or satellite) or offshore (e.g., located on a ship) rather than on land (e.g., located on the ground) as shown in fig. 3.
Further, it should be noted that although in fig. 3, antenna beam 381 is shown as comprising a single circular spot beam; in other embodiments, however, antenna beam 381 may include more than one beam as shown in fig. 3 (e.g., antenna beam 381 may include multiple beams and antenna beam 381 may include a beam that is different in shape than a circular spot beam as shown in fig. 3 (e.g., antenna beam 381 may include an elliptical beam and/or a shaped beam of various different shapes).
It should be noted that in one or more embodiments, the managed payload antenna 380 may include one or more dish reflectors, including but not limited to parabolic reflectors and/or shaped reflectors. In some embodiments, host payload antenna 380 may include one or more multi-feed antenna arrays.
Escrow processor 383 sends 387 unencrypted escrow telemetry (i.e., unencrypted HOC telemetry, which is telemetry data related to escrow payload 305 utilized by HOC 360) to escrow communication security module 365. The managed communication security module 365 then encrypts unencrypted managed telemetry using the managed COMSEC variant to generate encrypted managed telemetry (i.e., encrypted HOC telemetry).
Escrow communication security module 365 then sends 388 the encrypted escrow telemetry to escrow processor 383. Escrow processor 383 then sends 389 the encrypted escrow telemetry to escrow payload antenna 380. The managed payload antenna 380 then sends 391 the encrypted managed telemetry to managed gateway antenna 327. The managed payload antenna 380 transmits 391 the encrypted managed telemetry using the in-band(s). Escrow gateway antenna 327 sends 392 the encrypted escrow telemetry to HOC 360. HOC 360 then decrypts the encrypted hosted telemetry using a hosted COMSEC variant to generate unencrypted hosted telemetry.
Fig. 4A, 4B, 4C, 4D, 4E, and 4F together illustrate a flow diagram of the disclosed method for secure standalone hosted payload operation, where host commands are sent out-of-band and host telemetry is sent in-band, in accordance with at least one embodiment of the present disclosure. At the start 400 of the method, a host Satellite Operations Center (SOC) encrypts an unencrypted host command by utilizing a host communication security (COMSEC) variant to produce an encrypted host command 402. The host SOC then sends the encrypted host commands to the host ground antenna 404. The encrypted host commands 406 are then received by the host ground antenna. The host ground antenna then sends the encrypted host commands to the command antenna 408 on the vehicle. The command antenna then receives the encrypted host command 410. The command antenna then sends the encrypted host command to the command receiver 412. The command receiver then receives the encrypted host command 414. The command receiver then sends the encrypted host command to the host communication security module 416.
The host communication security module then receives the encrypted host command 418. The host communication security module then decrypts the encrypted host command by utilizing the host COMSEC variant to produce an unencrypted host command 420. The host communication security module then sends unencrypted host commands to the host payload and the managed payload 422. The managed payload is then commanded to open or close 424 according to the unencrypted host command. The host payload then receives the unencrypted host command 426. The host payload is then reconfigured 428 according to the unencrypted host command. The host payload antenna then sends the host user data to the host user antenna 430. The host user antenna then receives host user data 432. The host payload then telemeters the unencrypted host payload to the host communication security module 434.
The host communication security module then receives unencrypted host payload telemetry 436. The host communication security module then encrypts unencrypted host payload telemetry by utilizing the host COMSEC variant to produce encrypted host payload telemetry 438. The host communication security module then telemeters the encrypted host payload to the host payload 440. The host payload then receives encrypted host payload telemetry 442. The host payload then telemeters the encrypted host payload to the host payload antenna 444. The host payload antenna then sends the encrypted host payload telemetry to the SOC ground antenna 446. The SOC terrestrial antenna then receives encrypted host payload telemetry 448. The SOC ground antenna then telemeters the encrypted host payload to the host SOC 450. The host SOC then decrypts the host payload telemetry by utilizing the host COMSEC variant to produce unencrypted host payload telemetry 452.
Managed payload (HoP) operations center (HOC) encrypts the unencrypted managed command by utilizing the managed COMSEC variant to produce encrypted managed command 454. The HOC then sends the encrypted escrow command to escrow gateway antenna 456. The escrow gateway antenna then receives encrypted escrow command 458. The escrow gateway antenna then sends the encrypted escrow command to the escrow payload antenna on the carrier 460. The escrow payload antenna then receives the encrypted escrow command 462. The escrow payload antenna then sends the encrypted escrow command to the escrow processor 464 on the escrow payload. The escrow processor then receives the encrypted escrow command 466. The escrow processor then sends the encrypted escrow command to escrow communication security module 468.
The escrow communication security module then receives the encrypted escrow command 470. The managed communications security module then decrypts the encrypted managed command by utilizing the managed COMSEC variant to produce an unencrypted managed command 472. The escrow communication security module then sends the unencrypted escrow command to escrow processor 474. The escrow processor then receives an unencrypted escrow command 476. Escrow processor then reconfigures escrow payload 478 according to the unencrypted escrow command. The managed payload antenna then sends the managed user data to the managed user antenna 480. The managed user antennas then receive managed user data 482. The escrow processor then telemeters the unencrypted escrow payload to escrow communication security module 484.
The managed communications security module then receives unencrypted managed payload telemetry 486. The managed communications security module then encrypts the unencrypted managed payload telemetry by utilizing the managed COMSEC variant to produce encrypted managed payload telemetry 488. The escrow communication security module then telemeters the encrypted escrow payload to escrow processor 490. The escrow processor then receives encrypted escrow telemetry 491. The escrow processor then sends encrypted escrow telemetry to escrow payload antenna 492. The escrow payload antenna then receives encrypted escrow telemetry 493. The escrow payload antenna then sends the encrypted escrow telemetry to escrow gateway antenna 494. The escrow gateway antenna then receives encrypted escrow telemetry 495. The escrow gateway antenna then sends the encrypted escrow telemetry to the HOC 496. The HOC then receives encrypted escrow telemetry 497. The HOC then decrypts the encrypted managed telemetry by utilizing the managed COMSEC variant to produce unencrypted managed telemetry 498. The method then ends 499.
Fig. 5 is a schematic diagram 500 illustrating the disclosed system for secure standalone hosted payload operation, where host commands are sent in-band and host telemetry is sent out-of-band, in accordance with at least one embodiment of the present disclosure. In this figure, a vehicle 510, a host Satellite Operation Center (SOC)550, and a managed payload (HoP) operation center (HOC)560 are shown. Various different types of carriers may be employed for the carriers 510, including but not limited to air carriers. Also, a variety of different types of air vehicles may be employed for the vehicles, including, but not limited to, satellites, aircraft, Unmanned Aerial Vehicles (UAVs), and space vehicles.
Where satellites are employed for the vehicles 510, it should be noted that satellites typically include computer controlled systems. The satellite typically includes a bus and a payload (e.g., host payload 506 and/or managed payload(s) 505). The bus may include a system (which includes components) that controls the satellites. These systems perform tasks such as power generation and control, thermal control, telemetry, attitude control, orbit control, and other suitable operations.
The payload of the satellite provides functionality for the user of the satellite. The payload may include an antenna, a transponder, and other suitable devices. For example, with respect to communications, payloads in satellites may be used to provide internet access, telephone communications, radio, television, and/or other types of communications. It should be noted that in one or more embodiments, the satellite (i.e., vehicle 510) includes multiple separate payloads, which are host payload 506 and managed payload(s) 505. Different entities may use different payloads on the satellite. For example, a host user (e.g., an owner of a satellite) can utilize host payload 506, and the host user can lease managed payload 505 to a managed user (e.g., a customer) utilizing managed payload 505.
Leasing the payload(s) (e.g., the hosted payload (s)) to the customer(s) may increase revenue that a user of the satellite (e.g., a host user) may obtain. Further, the customer may use a subset of the total resources in the satellite at a cost less than the cost of the customer to purchase and operate the satellite, build and operate the satellite, or lease the entire satellite.
During operation, the host SOC550 encrypts the unencrypted host command (i.e., the unencrypted SOC command) by utilizing a host communication security (COMSEC) variant to produce an encrypted host command (i.e., the encrypted SOC command). The host command is a command to configure the host payload 506 utilized by the host SOC 550. It should be noted that the host COMSEC variant may include at least one encryption key and/or at least one algorithm (e.g., a type 1 encryption algorithm or a type 2 encryption algorithm).
SOC ground antenna 517 then sends 520 the encrypted host commands to host payload antenna 507 on carrier 510. SOC terrestrial antenna 517 transmits 520 the encrypted host commands using the in-band(s) (i.e., the same band(s) as used to transmit the payload data). It should be noted that although in fig. 5, host SOC550 is depicted with its SOC ground antenna 517 located alongside its operating building; in other embodiments, however, the host SOC550 may have its SOC ground antenna 517 located a significant distance from its operating building (e.g., the ground antenna may be located in another country than the operating building). Host payload antenna 507 on carrier 510 then sends 522 the encrypted host command to host payload 506.
The host payload 506 then sends 552 the encrypted host command to the host communication security module 562. The host communication security module 562 decrypts the encrypted host command using the host COMSEC variant to generate an unencrypted host command.
It should be noted that the host communication security module 562 may include one or more communication security modules (e.g., communication security module 1 and communication security module 2, where communication security module 2 is a redundant communication security module utilized in the presence of a failure of communication security module 1), where the additional communication security module is a redundant communication security module utilized in the presence of a failure of communication security module. Further, the host communication security module 562 may include one or more processors.
The host communication security module 562 then sends 570 the unencrypted host command to the host payload 506. The host payload 506 is reconfigured according to the unencrypted host command. The reconfiguration of the host payload 506 may include adjusting at least one of: repeater power, repeater spectrum monitoring, repeater connection, repeater gain setting, repeater limiter setting, repeater automatic level control setting, repeater phase setting, internal gain generation, bandwidth of at least one beam, at least one frequency band of at least one of the at least one beam, repeater beamforming setting, Effective Isotropic Radiated Power (EIRP) of at least one of the at least one beam, repeater channel, or beam steering. Additionally, the reconfiguration of the host payload 506 may include reconfiguring at least one of: a host payload antenna, at least one analog-to-digital converter, at least one digital-to-analog converter, at least one beamformer, at least one digital channelizer, at least one demodulator, at least one modulator, at least one digital switch matrix, at least one digital combiner, or at least one analog switch matrix. In one or more embodiments, the host payload includes 506 one or more processors.
After reconfiguring host payload 506, host payload antenna 507 then transmits the host user data (e.g., in one or more antenna beams 508) to host user antenna 585 on the ground. It should be noted that in other embodiments, host user antenna 585 may be airborne (e.g., located on an aircraft or satellite) or offshore (e.g., located on a ship) rather than on land (e.g., located on the ground) as shown in fig. 5. Host communication security module 562 then sends 571 the unencrypted host command to managed payload 505 to command managed payload 505 to turn on or off according to the unencrypted host command.
Further, it should be noted that although in fig. 5, antenna beam 508 is shown as comprising a single circular spot beam; in other embodiments, however, antenna beam 508 may include more than one beam as shown in fig. 5 (e.g., antenna beam 508 may include multiple beams and antenna beam 508 may include a beam that is different in shape than a circular spot beam as shown in fig. 5 (e.g., antenna beam 508 may include an elliptical beam and/or a shaped beam of various different shapes).
It should be noted that in one or more embodiments, host payload antenna 507 may include one or more dish reflectors, including but not limited to parabolic reflectors and/or shaped reflectors. In some embodiments, host payload antenna 507 may include one or more multi-feed antenna arrays.
The host payload 506 sends 509 unencrypted host telemetry (i.e., unencrypted SOC telemetry, which is telemetry data related to the host payload 506 utilized by the host SOC 550) to the host communication security module 562. The host communication security module 562 then encrypts the unencrypted host telemetry using the host COMSEC variant to generate encrypted host telemetry (i.e., encrypted SOC telemetry).
The host communication security module 562 then transmits 593 the encrypted host telemetry to a telemetry transmitter 594. The telemetry transmitter 594 then transmits 595 the encrypted host telemetry to the telemetry antenna 596. Telemetry antenna 596 then sends 597 the encrypted host telemetry to host surface antenna 516. Telemetry antenna 596 transmits 597 the encrypted host telemetry using out-of-band(s). The host surface antenna 516 sends 598 the encrypted host telemetry to the host SOC 550. The host SOC550 then decrypts the encrypted host telemetry using the host COMSEC variant to generate unencrypted host telemetry.
The HOC 560 encrypts the unencrypted escrow command (i.e., unencrypted HOC command) by utilizing a escrow communication security (COMSEC) variant to produce an encrypted escrow command (i.e., encrypted HOC command). The managed command is a command to configure managed payload 505 utilized by HOC 560. It should be noted that the escrow COMSEC variant can include at least one encryption key and/or at least one algorithm (e.g., a type 1 encryption algorithm or a type 2 encryption algorithm).
The HOC 560 then sends 526 the encrypted escrow command to the escrow gateway antenna 527. The escrow gateway antenna 527 then sends 525 the encrypted escrow command to the escrow payload antenna 580 on the carrier 510. The escrow gateway antenna 527 transmits 525 the encrypted escrow command using the in-band frequency band(s), i.e., the same frequency band(s) as used to transmit the payload data. The escrow payload antenna 580 on the carrier 510 then sends 582 the encrypted escrow command to the processor 583 on the escrow payload 505. In one or more embodiments, the hosting processor 583 includes one or more processors. Escrow processor 583 sends 584 the encrypted escrow command to escrow communication security module 565. The managed communication security module 565 decrypts the encrypted managed command using the managed COMSEC variant to generate an unencrypted managed command.
It should be noted that the escrow communication security module 565 may include one or more communication security modules (e.g., communication security module 3 and communication security module 4, where communication security module 4 is a redundant communication security module utilized in the presence of a failure of communication security module 3), where the additional communication security module is a redundant communication security module utilized in the presence of a failure of communication security module. Further, managed communication security module 565 may include one or more processors. In some embodiments, managed communication security module 565 and managed processor 583 are separate units, as shown in fig. 5. In other embodiments, managed communication security module 565 and managed processor 583 are a single unit.
Escrow communication security module 565 then sends 586 the unencrypted escrow command to escrow processor 583. The escrow payload 505 is reconfigured by the escrow processor 583 according to the unencrypted escrow command. The reconfiguration of managed payload 505 may include adjusting at least one of: repeater power, repeater spectrum monitoring, repeater connection, repeater gain setting, repeater limiter setting, repeater automatic level control setting, repeater phase setting, internal gain generation, bandwidth of at least one beam, at least one frequency band of at least one of the at least one beam, repeater beamforming setting, Effective Isotropic Radiated Power (EIRP) of at least one of the at least one beam, repeater channel, or beam steering. Additionally, the reconfiguration of the managed payload 505 may include reconfiguring at least one of: a host payload antenna, at least one analog-to-digital converter, at least one digital-to-analog converter, at least one beamformer, at least one digital channelizer, at least one demodulator, at least one modulator, at least one digital switch matrix, at least one digital combiner, or at least one analog switch matrix. After reconfiguring managed payload 505, managed payload antenna 580 then sends managed user data (e.g., in one or more antenna beams 581) to managed user antenna 590 on the ground. It should be noted that in other embodiments, the hosted user antenna 590 may be airborne (e.g., located on an aircraft or satellite) or offshore (e.g., located on a ship) rather than on land (e.g., located on the ground) as shown in fig. 5.
Further, it should be noted that although in fig. 5, antenna beam 581 is shown as comprising a single circular spot beam; in other embodiments, however, antenna beam 581 may include more than one beam as shown in fig. 5 (e.g., antenna beam 581 may include multiple beams and antenna beam 581 may include a differently shaped beam as compared to a circular spot beam as shown in fig. 5 (e.g., antenna beam 581 may include an elliptical beam and/or various differently shaped beams).
It should be noted that in one or more embodiments, the managed payload antenna 580 may include one or more dish reflectors, including but not limited to parabolic reflectors and/or shaped reflectors. In some embodiments, host payload antenna 580 may include one or more multi-feed antenna arrays.
Escrow processor 583 sends 587 unencrypted escrow telemetry (i.e., unencrypted HOC telemetry, which is telemetry data related to escrow payload 505 utilized by HOC 560) to escrow communication security module 565. Escrow communication security module 565 then encrypts unencrypted escrow telemetry using an escrow COMSEC variant to generate encrypted escrow telemetry (i.e., encrypted HOC telemetry).
Escrow communication security module 565 then sends 588 the encrypted escrow telemetry to escrow processor 583. Escrow processor 583 then sends 589 the encrypted escrow telemetry to escrow payload antenna 580. Managed payload antenna 580 then sends 591 the encrypted managed telemetry to managed gateway antenna 527. Managed payload antenna 580 transmits 591 encrypted managed telemetry using in-band(s). The escrow gateway antenna 527 sends 592 the encrypted escrow telemetry to the HOC 560. The HOC 560 then decrypts the encrypted hosted telemetry using the hosted COMSEC variant to generate unencrypted hosted telemetry.
Fig. 6A, 6B, 6C, 6D, 6E, and 6F together illustrate a flow diagram of the disclosed method for secure standalone hosted payload operation, where host commands are sent in-band and host telemetry is sent out-of-band, in accordance with at least one embodiment of the present disclosure. At the start 600 of the method, a host Satellite Operations Center (SOC) encrypts an unencrypted host command by utilizing a host communication security (COMSEC) variant to produce an encrypted host command 602. The host SOC then sends the encrypted host commands to the SOC ground antenna 604. The SOC terrestrial antenna then receives the encrypted host command 606. The SOC ground antenna then sends the encrypted host commands to the host payload antenna on the carrier 608. The encrypted host command 610 is then received by the host payload antenna. The host payload antenna then sends the encrypted host command to the host payload 612. The host payload then receives the encrypted host command 614. The host payload then sends the encrypted host command to the host communication security module 616.
The host communication security module then receives the encrypted host command 618. The host communication security module then decrypts the encrypted host command by utilizing the host COMSEC variant to produce unencrypted host command 620. The host communication security module then sends the unencrypted host command to the host payload and the managed payload 622. The managed payload is then commanded to open or close 624 according to the unencrypted host command. The host payload then receives the unencrypted host command 626. The host payload is then reconfigured 628 according to the unencrypted host command. The host payload antenna then sends the host user data to the host user antenna 630. The host user antenna then receives host user data 632. The host payload then telemeters the unencrypted host payload to the host communication security module 634.
The host communication security module then receives unencrypted host payload telemetry 636. The host communication security module then encrypts unencrypted host payload telemetry by utilizing the host COMSEC variant to produce encrypted host payload telemetry 638. The host communication security module then telemeters the encrypted host payload to telemetry transmitter 640. The telemetry transmitter then receives encrypted host payload telemetry 642. The telemetry transmitter then telemeters the encrypted host payload to a telemetry antenna 644. The telemetry antenna then telemeters the encrypted host payload to the host surface antenna 646. The encrypted host payload telemetry 648 is then received by the host surface antenna. The host surface antenna then sends the encrypted host payload telemetry to the host SOC 650. The host SOC then decrypts the host payload telemetry by utilizing the host COMSEC variant to produce unencrypted host payload telemetry 652.
Managed payload (HoP) operations center (HOC) encrypts the unencrypted managed command by using the managed COMSEC variant to produce encrypted managed command 654. The HOC then sends the encrypted escrow command to escrow gateway antenna 656. The escrow gateway antenna then receives the encrypted escrow command 658. The escrow gateway antenna then sends the encrypted escrow command to the escrow payload antenna on carrier 660. The encrypted escrow command is then received by the escrow payload antenna 662. The escrow payload antenna then sends the encrypted escrow command to the escrow processor 664 on the escrow payload. The escrow processor then receives an encrypted escrow command 666. The escrow processor then sends the encrypted escrow command to escrow communication security module 668.
The escrow communication security module then receives the encrypted escrow command 670. The escrow communication security module then decrypts the encrypted escrow command by utilizing the escrow COMSEC variant to produce an unencrypted escrow command 672. The escrow communication security module then sends the unencrypted escrow command to escrow processor 674. Escrow processor then receives an unencrypted escrow command 676. The escrow processor then reconfigures escrow payload 678 in accordance with the unencrypted escrow command. The managed payload antenna then sends the managed user data to the managed user antenna 680. The managed user antenna then receives managed user data 682. The escrow processor then telemeters the unencrypted escrow payload to escrow communication security module 684.
The escrow communication security module then receives unencrypted escrow payload telemetry 686. The managed communication security module then encrypts unencrypted managed payload telemetry by utilizing the managed COMSEC variant to produce encrypted managed payload telemetry 688. The escrow communication security module then telemeters the encrypted escrow payload to escrow processor 690. The escrow processor then receives encrypted escrow telemetry 691. The escrow processor then sends the encrypted escrow telemetry to escrow payload antenna 692. The escrow payload antenna then receives encrypted escrow telemetry 693. The escrow payload antenna then sends the encrypted escrow telemetry to the escrow gateway antenna 694. The escrow gateway antenna then receives encrypted escrow telemetry 695. The escrow gateway antenna then sends the encrypted escrow telemetry to the HOC 696. The HOC then receives encrypted escrow telemetry 697. The HOC then decrypts the encrypted managed telemetry by utilizing the managed COMSEC variant to produce unencrypted managed telemetry 698. The method then ends 699.
Fig. 7 is a schematic diagram 700 illustrating the disclosed system for secure standalone hosted payload operation, where both host commands and host telemetry are sent in-band, in accordance with at least one embodiment of the present disclosure. In this figure, a vehicle 710, a host Satellite Operations Center (SOC)750, and a managed payload (HoP) operations center (HOC)760 are shown. Various different types of carriers may be employed for the carriers 710, including but not limited to air carriers. Also, a variety of different types of air vehicles may be employed for the vehicles, including, but not limited to, satellites, aircraft, Unmanned Aerial Vehicles (UAVs), and space vehicles.
Where satellites are employed for vehicles 710, it should be noted that satellites typically include computer controlled systems. The satellite typically includes a bus and a payload (e.g., host payload 706 and/or managed payload(s) 705). The bus may include a system (which includes components) that controls the satellites. These systems perform tasks such as power generation and control, thermal control, telemetry, attitude control, orbit control, and other suitable operations.
The payload of the satellite provides functionality for the user of the satellite. The payload may include an antenna, a transponder, and other suitable devices. For example, with respect to communications, payloads in satellites may be used to provide internet access, telephone communications, radio, television, and/or other types of communications. It should be noted that in one or more embodiments, the satellite (i.e., vehicle 710) includes multiple separate payloads, which are host payload 706 and managed payload(s) 705. Different entities may use different payloads on the satellite. For example, a host user (e.g., an owner of a satellite) may utilize host payload 706, and the host user may lease managed payload 705 to a managed user (e.g., a customer) that utilizes managed payload 705.
Leasing the payload(s) (e.g., the managed payload (s)) to the customer(s) may increase revenue that a user of the satellite (e.g., a host user) may obtain. Further, the customer may use a subset of the total resources in the satellite at a cost less than the cost of the customer to purchase and operate the satellite, build and operate the satellite, or lease the entire satellite.
During operation, the host SOC 750 encrypts unencrypted host commands (i.e., unencrypted SOC commands) by utilizing a host communication security (COMSEC) variant to produce encrypted host commands (i.e., encrypted SOC commands). The host commands are commands for configuring the host payload 706 utilized by the host SOC 750. It should be noted that the host COMSEC variant may include at least one encryption key and/or at least one algorithm (e.g., a type 1 encryption algorithm or a type 2 encryption algorithm).
The host SOC 750 then sends 715 the encrypted host command to the host ground antenna 716. The host ground antenna 716 sends 720 the encrypted host command to the host payload antenna 707 on the vehicle 710. The host terrestrial antenna 716 transmits 720 the encrypted host commands using the in-band frequency band(s), i.e., the same frequency band(s) as used to transmit the payload data. It should be noted that although in FIG. 7, the host SOC 750 is depicted with the host ground antenna 716 located beside its operating building; in other embodiments, however, the host SOC 750 may have the host ground antenna 716 located a significant distance from its operating building (e.g., the ground antenna may be located in another country than the operating building). The host payload antenna 707 on the carrier 710 then sends 722 the encrypted host command to the host payload 706.
The host payload 706 then sends 752 the encrypted host command to the host communication security module 762. The host communication security module 762 decrypts encrypted host commands using a host COMSEC variant to generate unencrypted host commands.
It should be noted that the host communication security module 762 may include one or more communication security modules (e.g., communication security module 1 and communication security module 2, where communication security module 2 is a redundant communication security module utilized in the presence of a failure of communication security module 1), where an additional communication security module is a redundant communication security module utilized in the presence of a failure of communication security module. In addition, the host communication security module 762 may include one or more processors.
The host communication security module 762 then sends 770 the unencrypted host command to the host payload 706. The host payload 706 is reconfigured according to the unencrypted host command. The reconfiguration of the host payload 706 may include adjusting at least one of: repeater power, repeater spectrum monitoring, repeater connection, repeater gain setting, repeater limiter setting, repeater automatic level control setting, repeater phase setting, internal gain generation, bandwidth of at least one beam, at least one frequency band of at least one of the at least one beam, repeater beamforming setting, Effective Isotropic Radiated Power (EIRP) of at least one of the at least one beam, repeater channel, or beam steering. Additionally, the reconfiguration of host payload 706 may include reconfiguring at least one of: a host payload antenna, at least one analog-to-digital converter, at least one digital-to-analog converter, at least one beamformer, at least one digital channelizer, at least one demodulator, at least one modulator, at least one digital switch matrix, at least one digital combiner, or at least one analog switch matrix. In one or more embodiments, the host payload includes 706 one or more processors.
After reconfiguring host payload 706, host payload antenna 707 then transmits the host user data (e.g., in one or more antenna beams 708) to host user antenna 785 on the ground. It should be noted that in other embodiments, host user antenna 785 may be airborne (e.g., located on an aircraft or satellite) or offshore (e.g., located on a ship) rather than on land (e.g., located on the ground) as shown in fig. 7. Host communication security module 762 then sends 771 the unencrypted host command to managed payload 705 to command managed payload 705 to open or close in accordance with the unencrypted host command.
Further, it should be noted that although in fig. 7, the antenna beam 708 is shown as comprising a single circular spot beam; in other embodiments, however, antenna beam 708 may include more than one beam as shown in fig. 7 (e.g., antenna beam 708 may include multiple beams and antenna beam 708 may include a beam that is different in shape than a circular spot beam as shown in fig. 7 (e.g., antenna beam 708 may include an elliptical beam and/or various different shaped beams).
It should be noted that in one or more embodiments, host payload antenna 707 may include one or more dish reflectors, including but not limited to parabolic reflectors and/or shaped reflectors. In some embodiments, host payload antenna 707 may include one or more multi-feed antenna arrays.
Host payload 706 sends 709 unencrypted host telemetry (i.e., unencrypted SOC telemetry, which is telemetry data related to host payload 706 utilized by host SOC 750) to host communication security module 762. Host communication security module 762 then encrypts unencrypted host telemetry using the host COMSEC variant to generate encrypted host telemetry (i.e., encrypted SOC telemetry).
The host communication security module 762 then sends 793 the encrypted host telemetry to the host payload 706. Host payload 706 then sends 723 the encrypted host telemetry to host payload antenna 707. The host payload antenna 707 then sends 797 the encrypted host telemetry to the host surface antenna 716. Host payload antenna 707 transmits 797 the encrypted host telemetry using the in-band(s). The host surface antenna 716 sends 798 the encrypted host telemetry to the host SOC 750. Host SOC 750 then decrypts the encrypted host telemetry using the host COMSEC variant to generate unencrypted host telemetry.
The HOC 760 encrypts the unencrypted escrow command (i.e., unencrypted HOC command) by utilizing a escrow communication security (COMSEC) variant to produce an encrypted escrow command (i.e., encrypted HOC command). The managed command is a command for configuring managed payload 705 utilized by HOC 760. It should be noted that the escrow COMSEC variant can include at least one encryption key and/or at least one algorithm (e.g., a type 1 encryption algorithm or a type 2 encryption algorithm).
The HOC 760 then sends 726 the encrypted escrow command to the escrow gateway antenna 727. Escrow gateway antenna 727 then sends 725 the encrypted escrow command to escrow payload antenna 780 on carrier 710. The escrow gateway antenna 727 transmits 725 the encrypted escrow command using the in-band(s) (i.e., the same band(s) as used to transmit the payload data). Managed payload antenna 780 on carrier 710 then sends 782 the encrypted managed command to processor 783 on managed payload 705. In one or more embodiments, managed processor 783 comprises one or more processors. Escrow processor 783 sends 784 the encrypted escrow command to escrow communication security module 765. The managed communication security module 765 decrypts the encrypted managed command using the managed COMSEC variant to generate an unencrypted managed command.
It should be noted that the hosted communication security module 765 may include one or more communication security modules (e.g., communication security module 3 and communication security module 4, where communication security module 4 is a redundant communication security module that is utilized in the presence of a failure of communication security module 3), where the additional communication security module is a redundant communication security module that is utilized in the presence of a failure of communication security module. Further, the hosted communication security module 765 may include one or more processors. In some embodiments, managed communication security module 765 and managed processor 783 are separate units, as shown in fig. 7. In other embodiments, managed communication security module 765 and managed processor 783 are a single unit.
Escrow communication security module 765 then sends 786 the unencrypted escrow command to escrow processor 783. Escrow payload 705 is reconfigured by escrow processor 783 according to the unencrypted escrow command. The reconfiguration of the managed payload 705 may include adjusting at least one of: repeater power, repeater spectrum monitoring, repeater connection, repeater gain setting, repeater limiter setting, repeater automatic level control setting, repeater phase setting, internal gain generation, bandwidth of at least one beam, at least one frequency band of at least one of the at least one beam, repeater beamforming setting, Effective Isotropic Radiated Power (EIRP) of at least one of the at least one beam, repeater channel or beam steering. Additionally, the reconfiguration of the managed payload 705 may include reconfiguring at least one of: a host payload antenna, at least one analog-to-digital converter, at least one digital-to-analog converter, at least one beamformer, at least one digital channelizer, at least one demodulator, at least one modulator, at least one digital switch matrix, at least one digital combiner, or at least one analog switch matrix. After reconfiguring the managed payload 705, managed payload antenna 780 then transmits the managed user data (e.g., in one or more antenna beams 781) to managed user antenna 790 on the ground. It should be noted that in other embodiments, the hosted user antenna 170 may be airborne (e.g., located on an aircraft or satellite) or offshore (e.g., located on a ship) rather than on land (e.g., located on the ground) as shown in fig. 7.
Further, it should be noted that although in fig. 7, antenna beam 781 is shown as comprising a single circular spot beam; in other embodiments, however, antenna beam 781 may include more than one beam as shown in fig. 7 (e.g., antenna beam 781 may include multiple beams and antenna beam 781 may include a different shaped beam than the circular spot beam as shown in fig. 7 (e.g., antenna beam 781 may include an elliptical beam and/or a shaped beam of various different shapes).
It should be noted that in one or more embodiments, managed payload antenna 780 may include one or more dish reflectors, including but not limited to parabolic reflectors and/or shaped reflectors. In some embodiments, host payload antenna 780 may include one or more multi-feed antenna arrays.
Escrow processor 783 sends 787 unencrypted escrow telemetry (i.e., unencrypted HOC telemetry, which is telemetry data related to escrow payload 705 utilized by HOC 760) to escrow communication security module 765. The escrow communication security module 765 then encrypts unencrypted escrow telemetry using the escrow COMSEC variant to generate encrypted escrow telemetry (i.e., encrypted HOC telemetry).
Escrow communication security module 765 then sends 788 the encrypted escrow telemetry to escrow processor 783. Escrow processor 783 then sends 789 the encrypted escrow telemetry to escrow payload antenna 780. Managed payload antenna 780 then sends 791 the encrypted managed telemetry to managed gateway antenna 727. Managed payload antenna 780 transmits 791 encrypted managed telemetry using the in-band(s). Escrow gateway antenna 727 sends 792 encrypted escrow telemetry to HOC 760. The HOC 760 then decrypts the encrypted managed telemetry using the managed COMSEC variant to generate unencrypted managed telemetry.
Fig. 8A, 8B, 8C, 8D, 8E, and 8F together illustrate a flow diagram of the disclosed method for secure standalone hosted payload operation, where both host commands and host telemetry are sent in-band, in accordance with at least one embodiment of the present disclosure. At the start 800 of the method, a host Satellite Operations Center (SOC) encrypts an unencrypted host command by utilizing a host communication security (COMSEC) variant to produce an encrypted host command 802. The host SOC then sends the encrypted host commands to the host ground antenna 804. The encrypted host command is then received by the host terrestrial antenna 806. The host ground antenna then sends the encrypted host commands to the host payload antenna on the vehicle 808. The encrypted host command 810 is then received by the host payload antenna. The host payload antenna then sends the encrypted host command to the host payload 812. The host payload then receives encrypted host commands 814. The host payload then sends the encrypted host command to the host communication security module 816.
The host communication security module then receives the encrypted host command 818. The host communication security module then decrypts the encrypted host command by utilizing the host COMSEC variant to produce the unencrypted host command 820. The host communication security module then sends unencrypted host commands to the host payload and the managed payload 822. The managed payload is then commanded on or off 824 in accordance with the unencrypted host command. The host payload then receives unencrypted host commands 826. Host payload 828 is then reconfigured according to the unencrypted host command. The host payload antenna then sends the host user data to the host user antenna 830. The host user antenna then receives host user data 832. The host payload then telemeters the unencrypted host payload to the host communication security module 834.
The host communication security module then receives the unencrypted host payload telemetry 836. The host communication security module then encrypts unencrypted host payload telemetry by utilizing a host COMSEC variant to produce encrypted host payload telemetry 838. The host communication security module then telemeters the encrypted host payload to host payload 840. The host payload then receives encrypted host payload telemetry 842. The host payload then sends the encrypted host payload telemetry to the host payload antenna 844. The host payload antenna then sends the encrypted host payload telemetry to the host ground antenna 846. The encrypted host payload telemetry 848 is then received by the host surface antenna. The host ground antenna then telemeters the encrypted host payload to the host SOC 850. The host SOC then decrypts the host payload telemetry by utilizing the host COMSEC variant to produce unencrypted host payload telemetry 852.
A managed payload (HoP) operations center (HOC) encrypts an unencrypted managed command by using a managed COMSEC variant to produce an encrypted managed command 854. The HOC then sends the encrypted escrow command to escrow gateway antenna 856. The escrow gateway antenna then receives the encrypted escrow command 858. The escrow gateway antenna then sends the encrypted escrow command to the escrow payload antenna 860 on the carrier. The escrow payload antenna then receives the encrypted escrow command 862. The managed payload antenna then sends the encrypted managed command to managed processor 864 on the managed payload. The escrow processor then receives an encrypted escrow command 866. The escrow processor then sends the encrypted escrow command to escrow communication security module 868.
The escrow communication security module then receives encrypted escrow command 870. The escrow communication security module then decrypts the encrypted escrow command by utilizing the escrow COMSEC variant to produce unencrypted escrow command 872. The escrow communication security module then sends the unencrypted escrow command to escrow processor 874. The escrow processor then receives an unencrypted escrow command 876. The escrow processor is then reconfigured to escrow payload 878 according to the unencrypted escrow command. The managed payload antenna then sends the managed user data to the managed user antenna 880. The managed user antenna then receives managed user data 882. The escrow processor then telemeters the unencrypted escrow payload to escrow communication security module 884.
The managed communications security module then receives unencrypted managed payload telemetry 886. The managed communication security module then encrypts unencrypted managed payload telemetry by utilizing the managed COMSEC variant to produce encrypted managed payload telemetry 888. The escrow communication security module then telemeters the encrypted escrow payload to escrow processor 890. The escrow processor then receives encrypted escrow telemetry 891. The escrow processor then sends encrypted escrow telemetry to escrow payload antenna 892. The escrow payload antenna then receives encrypted escrow telemetry 893. The escrow payload antenna then sends the encrypted escrow telemetry to escrow gateway antenna 894. The escrow gateway antenna then receives encrypted escrow telemetry 895. The escrow gateway antenna then sends the encrypted escrow telemetry to the HOC 896. The HOC then receives encrypted escrow telemetry 897. The HOC then decrypts the encrypted managed telemetry by utilizing the managed COMSEC variant to produce unencrypted managed telemetry 898. The method then ends 899.
Illustrative, non-exclusive examples of the inventive subject matter in accordance with this disclosure are described in the following enumerated embodiments:
A1. a method for payload operations, the method comprising:
sending an encrypted host command through a host Satellite Operation Center (SOC), wherein the encrypted host command is encrypted with a host communication security (COMSEC) variant;
receiving, by a command receiver on the vehicle, an encrypted host command;
decrypting, by the host communication security module, the encrypted host command by utilizing the host COMSEC variant to produce an unencrypted host command;
commanding the managed payload to at least one of open or closed according to the unencrypted host command;
reconfiguring a host payload according to the unencrypted host command;
sending host user data to a host user antenna through a host payload antenna;
encrypting, by the host communication security module, unencrypted host payload telemetry by utilizing the host COMSEC variant to produce encrypted host payload telemetry;
sending encrypted host payload telemetry through a telemetry transmitter;
decrypting, by the host SOC, the host payload telemetry by utilizing the host COMSEC variant to produce unencrypted host payload telemetry;
encrypting, by a managed payload (HoP) operations center (HOC), the unencrypted managed command by utilizing a managed COMSEC variant to produce an encrypted managed command;
sending, by the HOC, an encrypted escrow command, wherein the encrypted escrow command is encrypted with a escrow COMSEC variant;
receiving, by a managed payload antenna on a carrier, an encrypted managed command;
decrypting, by the managed communications security module on the managed payload, the encrypted managed command by utilizing the managed COMSEC variant to produce an unencrypted managed command;
reconfiguring, by the managed processor on the managed payload, the managed payload in accordance with the unencrypted managed command;
transmitting, by a managed payload antenna, managed user data to a managed user antenna;
encrypting, by the managed communications security module, unencrypted managed payload telemetry by utilizing a managed COMSEC variant to produce encrypted managed payload telemetry;
sending encrypted managed telemetry through a managed payload antenna; and
the encrypted managed telemetry is decrypted by the HOC by utilizing a managed COMSEC variant to produce unencrypted managed telemetry.
A2. The method of embodiment a1 wherein the managed processor comprises the managed communication security module as a single unit.
A3. The method of embodiment a1 wherein the managed communication security module and the managed processor are two separate units.
A4. The method of embodiment a1 wherein the hosting processor comprises at least one processor.
A5. The method of embodiment a1 wherein the host payload includes at least one processor.
A6. The method of embodiment a1 wherein the host communication security module comprises more than one communication security module.
A7. The method of embodiment a6 wherein at least one of the communication security modules is a redundant communication security module.
A8. The method of embodiment a1 wherein the hosted communications security module includes more than one communications security module.
A9. The method of embodiment A8 wherein at least one of the communication security modules is a redundant communication security module.
A10. The method of embodiment a1 wherein the host payload antenna and the host payload antenna each comprise at least one Radio Frequency (RF) antenna.
A11. The method of embodiment a10 wherein the RF antenna is a reflector antenna.
A12. The method of embodiment a10 wherein the RF antenna is a multi-feed array antenna.
A13. The method of embodiment a1, wherein the reconfiguration of at least one of the host payload or the managed payload includes adjusting at least one of: repeater power, repeater spectrum monitoring, repeater connection, repeater gain setting, repeater limiter setting, repeater automatic level control setting, repeater phase setting, internal gain generation, bandwidth of at least one beam, at least one frequency band of at least one of the at least one beam, repeater beamforming setting, Effective Isotropic Radiated Power (EIRP) of at least one of the at least one beam, repeater channel or beam steering.
A14. The method of embodiment a1, wherein the reconfiguration of the host payload includes reconfiguring at least one of: a host payload antenna, at least one analog-to-digital converter, at least one digital-to-analog converter, at least one beamformer, at least one digital channelizer, at least one demodulator, at least one modulator, at least one digital switch matrix, at least one digital combiner, or at least one analog switch matrix.
A15. The method of embodiment a1, wherein the reconfiguration of the managed payload comprises reconfiguring at least one of: a managed payload antenna, at least one analog-to-digital converter, at least one digital-to-analog converter, at least one beamformer, at least one digital channelizer, at least one demodulator, at least one modulator, at least one digital switching matrix, at least one digital combiner, or at least one analog switching matrix.
A16. The method of embodiment a1 wherein the carrier is an air carrier.
A17. The method of embodiment a16 wherein the air vehicle is one of a satellite, an aircraft, an Unmanned Aerial Vehicle (UAV), or a space vehicle.
B1. A method for payload operations, the method comprising:
sending an encrypted host command through a host Satellite Operation Center (SOC), wherein the encrypted host command is encrypted with a host communication security (COMSEC) variant;
receiving, by a command receiver on the vehicle, an encrypted host command;
decrypting, by the host communication security module, the encrypted host command by utilizing the host COMSEC variant to produce an unencrypted host command;
commanding the managed payload to at least one of open or closed according to the unencrypted host command;
reconfiguring a host payload according to the unencrypted host command;
sending host user data to a host user antenna through a host payload antenna;
encrypting, by the host communication security module, unencrypted host payload telemetry by utilizing the host COMSEC variant to produce encrypted host payload telemetry;
sending encrypted host payload telemetry through a host payload antenna;
decrypting, by the host SOC, the host payload telemetry by utilizing the host COMSEC variant to produce unencrypted host payload telemetry;
sending, by a escrow payload (HoP) operations center (HOC), an encrypted escrow command, wherein the encrypted escrow command is encrypted with a escrow COMSEC variant;
receiving, by a managed payload antenna on a carrier, an encrypted managed command;
decrypting, by the managed communications security module on the managed payload, the encrypted managed command by utilizing the managed COMSEC variant to produce an unencrypted managed command;
reconfiguring, by the managed processor on the managed payload, the managed payload in accordance with the unencrypted managed command;
sending, by the managed payload antenna, managed user data to the managed user antenna;
encrypting, by the managed communications security module, unencrypted managed payload telemetry using a managed COMSEC variant to produce encrypted managed payload telemetry;
sending encrypted managed telemetry through a managed payload antenna; and
the encrypted managed telemetry is decrypted by the HOC by utilizing a managed COMSEC variant to produce unencrypted managed telemetry.
C1. A method for payload operations, the method comprising:
sending an encrypted host command through a host Satellite Operation Center (SOC), wherein the encrypted host command is encrypted with a host communication security (COMSEC) variant;
receiving, by a host payload antenna on a vehicle, an encrypted host command;
decrypting, by the host communication security module, the encrypted host command by utilizing the host COMSEC variant to produce an unencrypted host command;
commanding the managed payload to at least one of open or closed according to the unencrypted host command;
reconfiguring a host payload according to the unencrypted host command;
sending host user data to a host user antenna through a host payload antenna;
encrypting, by the host communication security module, unencrypted host payload telemetry by utilizing the host COMSEC variant to produce encrypted host payload telemetry;
sending encrypted host payload telemetry through a telemetry transmitter;
decrypting, by the host SOC, the host payload telemetry by utilizing the host COMSEC variant to produce unencrypted host payload telemetry;
sending, by a escrow payload (HoP) operations center (HOC), an encrypted escrow command, wherein the encrypted escrow command is encrypted with a escrow COMSEC variant;
receiving, by a managed payload antenna on a carrier, an encrypted managed command;
decrypting, by the managed communications security module on the managed payload, the encrypted managed command by utilizing the managed COMSEC variant to produce an unencrypted managed command;
reconfiguring, by the managed processor on the managed payload, the managed payload in accordance with the unencrypted managed command;
sending, by the managed payload antenna, managed user data to the managed user antenna;
encrypting, by the escrow communication security module, the unencrypted escrow payload telemetry to produce encrypted escrow payload telemetry;
sending encrypted managed telemetry through a managed payload antenna; and
the encrypted managed telemetry is decrypted by the HOC by utilizing a managed COMSEC variant to produce unencrypted managed telemetry.
D1. A method for payload operations, the method comprising:
sending an encrypted host command through a host Satellite Operation Center (SOC), wherein the encrypted host command is encrypted with a host communication security (COMSEC) variant;
receiving, by a host payload antenna on a vehicle, an encrypted host command;
decrypting, by the host communication security module, the encrypted host command by utilizing the host COMSEC variant to produce an unencrypted host command;
commanding the managed payload to at least one of open or closed according to the unencrypted host command;
reconfiguring a host payload according to the unencrypted host command;
sending host user data to a host user antenna through a host payload antenna;
encrypting, by the host communication security module, unencrypted host payload telemetry using the host COMSEC variant to produce encrypted host payload telemetry;
sending encrypted host payload telemetry through a host payload antenna;
decrypting, by the host SOC, the host payload telemetry by utilizing the host COMSEC variant to produce unencrypted host payload telemetry;
sending, by a escrow payload (HoP) operations center (HOC), an encrypted escrow command, wherein the encrypted escrow command is encrypted with a escrow COMSEC variant;
receiving, by a managed payload antenna on a carrier, an encrypted managed command;
decrypting, by the managed communications security module on the managed payload, the encrypted managed command by utilizing the managed COMSEC variant to produce an unencrypted managed command;
reconfiguring, by the managed processor on the managed payload, the managed payload in accordance with the unencrypted managed command;
sending, by the managed payload antenna, managed user data to the managed user antenna;
encrypting, by the escrow communication security module, the unencrypted escrow payload telemetry to produce encrypted escrow payload telemetry;
sending encrypted managed telemetry through a managed payload antenna; and
the encrypted managed telemetry is decrypted by the HOC by utilizing a managed COMSEC variant to produce unencrypted managed telemetry.
While particular embodiments have been illustrated and described, it should be understood that the above discussion is not intended to limit the scope of these embodiments. Although embodiments and variations of many aspects of the present invention have been disclosed and described herein, such disclosure is provided for purposes of illustration and description only. Accordingly, various changes and modifications may be made without departing from the scope of the claims.
Where the above-described methods indicate that certain events occur in a certain order, those of ordinary skill in the art having the benefit of this disclosure will recognize that the ordering may be modified and that such modifications are in accordance with the variations of this disclosure. In addition, where possible, portions of the method may be performed concurrently in parallel processing as well as performed sequentially. Additionally, more or less portions of the method may be performed.
Accordingly, the embodiments are intended to illustrate alternatives, modifications, and equivalents that may fall within the scope of the claims.
Although certain illustrative embodiments and methods have been disclosed herein, it will be apparent from the foregoing disclosure to those skilled in the art that changes and modifications may be made to these embodiments and methods without departing from the true spirit and scope of the disclosed technology. There are many other examples of the disclosed technology, each differing from the others only in details. Accordingly, the disclosed technology is intended to be limited only to the extent required by the appended claims and the rules and principles of applicable law.

Claims (15)

1. A system for payload operations, the system comprising:
a command receiver on the vehicle that receives encrypted host commands, wherein unencrypted host commands are encrypted by a host satellite operations center, host SOC, with a host communication security variant, host COMSEC variant, to produce the encrypted host commands;
a host communication security module that decrypts the encrypted host command by utilizing the host COMSEC variant to produce an unencrypted host command and sends the unencrypted host command to a managed payload and a host payload;
the managed payload configured to be commanded to at least one of open or closed in accordance with the unencrypted host command;
the host payload reconfigured according to the unencrypted host command, wherein the host payload and the managed payload are separate from each other;
a host payload antenna that transmits host user data to the host user antenna;
the host communication security module to encrypt unencrypted host payload telemetry by utilizing the host COMSEC variant to produce encrypted host payload telemetry;
a telemetry transmitter that transmits the encrypted host payload telemetry, wherein the host SOC decrypts the encrypted host payload telemetry by utilizing the host COMSEC variant to produce the unencrypted host payload telemetry;
a managed payload antenna on the carrier that receives an encrypted managed command, wherein the encrypted managed command is sent using at least one in-band, wherein a managed payload operations center (HoP HOC) encrypts an unencrypted managed command by using a managed COMSEC variant to produce the encrypted managed command;
a managed communications security module on the managed payload that decrypts the encrypted managed command by utilizing the managed COMSEC variant to produce an unencrypted managed command;
a escrow processor on the escrow payload that reconfigures the escrow payload in accordance with the unencrypted escrow command, wherein the escrow payload includes the escrow communication security module and the escrow processor;
the host payload antenna to transmit host user data to a host user antenna utilizing at least one of the at least one in-band frequency band;
the managed communications security module encrypting unencrypted managed payload telemetry by utilizing the managed COMSEC variant to produce encrypted managed payload telemetry; and
the managed payload antenna to transmit the encrypted managed payload telemetry using at least one of the at least one in-band frequency band;
wherein the HOC decrypts the encrypted managed payload telemetry by utilizing the managed COMSEC variant to produce the unencrypted managed payload telemetry.
2. The system of claim 1, wherein the managed processor comprises the managed communication security module as a single unit.
3. The system of claim 1, wherein the managed communications security module and the managed processor are two separate units.
4. The system of claim 1, wherein the hosting processor comprises at least one processor.
5. The system of claim 1, wherein the host payload comprises at least one processor.
6. The system of claim 1, wherein the host communication security module comprises more than one communication security module.
7. The system of claim 1, wherein the hosted communications security module comprises more than one communications security module.
8. The system of claim 1, wherein the host payload antenna and the host payload antenna each comprise at least one Radio Frequency (RF) antenna.
9. The system of claim 8, wherein the RF antenna is at least one of a reflector antenna or a multi-feed array antenna.
10. The system of claim 1, wherein at least one of the host payload or the managed payload is reconfigured by adjusting at least one of: repeater power, repeater spectrum monitoring, repeater connection, repeater gain setting, repeater limiter setting, repeater automatic level control setting, repeater phase setting, internal gain generation, bandwidth of at least one beam, at least one frequency band of at least one of the at least one beam, repeater beamforming setting, Effective Isotropic Radiated Power (EIRP) of at least one of the at least one beam, repeater channel or beam steering.
11. The system of claim 1, wherein the host payload is reconfigured by reconfiguring at least one of: the host payload antenna, at least one analog-to-digital converter, at least one digital-to-analog converter, at least one beamformer, at least one digital channelizer, at least one demodulator, at least one modulator, at least one digital switch matrix, at least one digital combiner, or at least one analog switch matrix.
12. The system of claim 1, wherein the managed payload is reconfigured by reconfiguring at least one of: the managed payload antenna, at least one analog-to-digital converter, at least one digital-to-analog converter, at least one beamformer, at least one digital channelizer, at least one demodulator, at least one modulator, at least one digital switch matrix, at least one digital combiner, or at least one analog switch matrix.
13. The system of claim 1, wherein the vehicle is an air vehicle.
14. The system of claim 13, wherein the air vehicle is one of a satellite, an aircraft, a drone (UAV), or a space plane.
15. A method for payload manipulation, the method comprising implementing a system according to any one of claims 1-14.
CN201811128545.5A 2017-10-03 2018-09-27 Secure independent managed payload operation Active CN109600161B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US15/724,091 US11201707B2 (en) 2017-03-06 2017-10-03 Secured independent hosted payload operations
US15/724,091 2017-10-03

Publications (2)

Publication Number Publication Date
CN109600161A CN109600161A (en) 2019-04-09
CN109600161B true CN109600161B (en) 2022-06-03

Family

ID=63713608

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811128545.5A Active CN109600161B (en) 2017-10-03 2018-09-27 Secure independent managed payload operation

Country Status (6)

Country Link
EP (2) EP3800808B8 (en)
JP (1) JP7235469B2 (en)
CN (1) CN109600161B (en)
AU (1) AU2018236880B2 (en)
BR (1) BR102018070055A2 (en)
ES (2) ES2842923T3 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112425092B (en) * 2018-05-04 2023-04-11 波音公司 Managed payload operation
CN110989444A (en) * 2019-12-12 2020-04-10 湖北航天技术研究院总体设计所 Missile-borne integrated control system based on multi-core SoC

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101304408A (en) * 2008-06-03 2008-11-12 中国航天时代电子公司第七七一研究所 Method for processing remote sensing satellite load data
EP2518821A1 (en) * 2011-04-28 2012-10-31 MacDonald, Dettwiler and Associates Corporation Architecture and method for optimal tracking of multiple broadband satellite terminals
CN104221412A (en) * 2012-01-12 2014-12-17 波音公司 A system and method for secure communication
CN104281449A (en) * 2014-09-16 2015-01-14 上海卫星工程研究所 Managed spacecraft task management system and management method
CN105549464A (en) * 2015-12-10 2016-05-04 中国电子科技集团公司第三十二研究所 Management and control system for medium and high orbit satellite payload

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000252903A (en) * 1999-02-26 2000-09-14 Mitsubishi Electric Corp Telemetry command transmission device
US6498937B1 (en) * 2000-07-14 2002-12-24 Trw Inc. Asymmetric bandwidth wireless communication techniques
US8355359B2 (en) * 2008-08-04 2013-01-15 Orbital Sciences Corporation Secondary payload interface
US8873456B2 (en) * 2011-09-23 2014-10-28 The Boeing Company Multi-operator system for accessing satellite resources
US9001642B2 (en) * 2011-09-23 2015-04-07 The Boeing Company Selective downlink data encryption system for satellites
US9571194B2 (en) * 2013-12-05 2017-02-14 The Boeing Company Near-field connectivity for hosted payloads
US9621255B1 (en) * 2015-11-12 2017-04-11 Space Systems/Loral, Llc Channelizer supplemented spacecraft telemetry and command functionality

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101304408A (en) * 2008-06-03 2008-11-12 中国航天时代电子公司第七七一研究所 Method for processing remote sensing satellite load data
EP2518821A1 (en) * 2011-04-28 2012-10-31 MacDonald, Dettwiler and Associates Corporation Architecture and method for optimal tracking of multiple broadband satellite terminals
CN104221412A (en) * 2012-01-12 2014-12-17 波音公司 A system and method for secure communication
CN104281449A (en) * 2014-09-16 2015-01-14 上海卫星工程研究所 Managed spacecraft task management system and management method
CN105549464A (en) * 2015-12-10 2016-05-04 中国电子科技集团公司第三十二研究所 Management and control system for medium and high orbit satellite payload

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
CHIRP program lessons learned from the contractor program management team perspective;Rich Pang,etc.;《2012 IEEE Aerospace Conference》;20120419;全篇 *

Also Published As

Publication number Publication date
ES2942914T3 (en) 2023-06-07
JP2019097156A (en) 2019-06-20
AU2018236880B2 (en) 2023-02-02
JP7235469B2 (en) 2023-03-08
EP3800808B8 (en) 2023-04-19
EP3800808A1 (en) 2021-04-07
AU2018236880A1 (en) 2019-04-18
EP3468067A1 (en) 2019-04-10
CN109600161A (en) 2019-04-09
EP3800808B1 (en) 2023-03-15
EP3468067B1 (en) 2020-11-25
BR102018070055A2 (en) 2019-04-24
NZ746846A (en) 2023-10-27
ES2842923T3 (en) 2021-07-15

Similar Documents

Publication Publication Date Title
US11201707B2 (en) Secured independent hosted payload operations
US11595360B2 (en) Hosted payload operations with private telemetry and command
US11290176B2 (en) Facilitating satellite operations with secure enclave for hosted payload operations
US11388151B2 (en) Protected multi-operators payload operations with private telemetry and command
CN109600161B (en) Secure independent managed payload operation
CN109600352B (en) Commercial satellite operation with secure zones for payload operation
JP7122062B2 (en) Protected multi-operator payload operation
AU2018421732B2 (en) Hosted payload operations
NZ746846B2 (en) Secured independent hosted payload operations

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant